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EPSILON SUBSTITUTION FOR IDi VIA 
CUT-ELIMINATION 

HENRY TOWSNER 
in memory of Grigori Mints 


Abstract. The e-substitution method is a technique for giving consis¬ 
tency proofs for theories of arithmetic. We use this technique to give a 
proof of the consistency of the impredicative theory IDi using a variant 
of the cut-elimination formalism introduced by Mints. 


1. Introduction 

The e-substitution method was introduced by Hilbert (see m) in an early 
attempt to prove the consistency of arithmetic. The usual quantified for¬ 
mulas 3x 4>{x,i) are replaced by Skolemized formulas (called e- 

terms because they have often been written with a quantifier (j){ex (/>(x, t), t)). 
An e-substitution is simply a selection of values for these Skolem functions. 
By replacing each term with its selected value, one transforms a proof into 
a sequence of numeric calculations. 

In particular, a proof of a Si statement is validated if we can find any 
substitution making the Si conclusion true (since we have then found an 
actual witness to the Si statement). On the other hand, if a given substitu¬ 
tion fails to validate the conclusion, it must contain an erroneous step: some 
critical formula (f>{u, t) —>■ 4>{c3x4>ii),P) in the proof must be false. This gives 
us a way to make a small improvement in our substitution, by adding the 
information that we can interpret c^xcpii^ as (the value of) n; the sequence 
of substitutions resulting from this process of successive improvements is 
the H-process. Hilbert proposed that if one could prove that the H-process 
eventually terminates, one has shown the consistency of arithmetic. After 
Gentzen had proved the consistency of arithmetic using cut-elimination m, 
Ackermann proved the termination of this process for Peano arithmetic [T] 
(using, of course, transfinite induction up to ep). 

Work by many people has extended variations of Gentzen’s techniques 
to theories with the strength of Hj-comprehension imiES] and then to 
stronger theories [51EIEIII31E2]) culminating in systems at the strength of 
H^-comprehension 


Date: September 2, 2015. 


1 



2 


HENRY TOWSNER 


These proofs became increasingly complicated (notably, the analyses of 
n^-comprehension remain unpublished twenty years after they were an¬ 
nounced), leading Mints to advocate the e-substitution method as an alter¬ 
nate approach. In particular. Mints [H] developed a combination technique, 
in which one shows that the //-process terminates by constructing a differ¬ 
ent sequent calculus for substitutions and applying cut-elimination to this 
process. This method was extended to more powerful theories, including 
elementary analysis |18j . ramified analysis and the hyper arithmetical 
hierarchy [^. 

All these systems, however, are predicative, and impredicativity has al¬ 
ways been a significant hurdle for proof-theoretic methods [21] • Arai [1] 
created a version of the e-substitution method for an impredicative theory 
(a certain theory of inductive definitions) and proved its termination using a 
proof closer to Ackermann’s proof, later extending this to a stronger theory 
of inductive definitions [7] . 

Mints continued to look for a proof of the termination of the //-process 
for impredicative theories. This search focused on the theory IDi, which 
adds an inductive predicate to Peano arithmetic. After Mints (and, starting 
in 2003, the author) struggled for several years to find such a proof, Mints 
proposed a modified, non-deterministic //-process for IDi was able to prove 
that it terminated, first by non-effective means m and then by effective 
ones |15] . This was still not completely satisfactory: the non-determinism 
cannot be necessary, since Arai |3| was able to prove termination of the 
original //-process. 

This paper address that gap: we formulate the ordinary //-process for 
IDi —essentially the same process as in Arai’s work, adapted to avoid or¬ 
dinal notations—and prove that it terminates via a cut-elimination proof 
in the style of [l8|. In addition to those ideas and inspiration from Arai’s 
version |1| , we use adaptations to the cut-elimination techniques introduced 
in [29|. 

1.1. Dedication. This paper is dedicated to Grisha Mints. Without Gr¬ 
isha’s guidance, I would never have become a mathematician, and for many 
years I was fortunate to have his continued support and advice. 


2 . IDi 

IDi is the theory of Peano arithmetic augmented by a predicate standing 
for an inductively defined set. Formally, we fix a formula A(x, A), where 
A is a second order variable which appears positively in A, and add a new 
predicate I to the language. (For clarity, we typically “abbreviate” the 
formula /t by t E I.) We add an axiom and an axiom scheme: 

• Inductive definition: Vx(x E / -H- A(a:,/)), and 

• Inductive closure: Vx(A(a:,(/)) ^ </>(x)) —>■ \/x{x E / —>■ (/>(a:)). 
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It is known that restricting A to Hi formulas does not weaken the system 
m, and since Peano arithmetic can encode pairing, we may further assume 
that A{x,X) has the form \/y B{y,x,X) where B is quantifier-free. 

3. Skolem Functions and c-substitution 

3.1. The Skolemized Language. We work in a Skolemized version of the 
language of IDi. That is, taking Cq to be the language of IDi, we work in 
a language which replaces quantifiers with countably many new function 
symbols intended to be witnesses to existential quantifiers. 

Definition 3.1. We say a formula (j){x,y) with distinguished variable x is 
simple if (^(x, y) contains no closed terms. 

A Skolem term (in a language C extending Cq) is a term of the form c(t) 
where c is a function symbol not present in Cq. 

Whenever £ is a language extending Cq, define C by adding, for each 
formula 3x(/>(x,y) such that (j){x,y) is quantifier-free and simple, a |y|-ary 
Skolem function c^x4>{x,y)- 

Let Cq be the language of IDi. Given we define Cn+i = £„■ We set 
= [j tCn and take C^ to be the quantifier-free part of C^i- 
The simple rank, rks{t), of an expression is the smallest n such that the 
expression appears in 

Having removed quantifiers from our language, we reintroduce them as 
abbreviations for certain formulas with Skolem functions; this will be unam¬ 
biguous because all quantifiers appearing in the rest of this paper will be 
abbreviations of this kind. 

Definition 3.2. is an abbreviation for i) and 

is an abbreviation for f). 

In particular, we have the distinguished formula A{y, X) = Vx B{x, y, X); 
since B is quantifier-free, H is a formula of C^, and we may reinterpret 
A{y,X) as the appropriate formula 

^{^3x —'B{x,y,X) -^) ■ 

Definition 3.3. The only rule of ID\ is modus ponens. The axioms are: 

(1) All propositional tautologies, 

(2) All substitution instances of quantifier free defining axioms for all 
predicates in the language of Peano arithmetic, 

(3) Equality axioms t = t, s = t ^ 4>{s) —>■ for all terms s, t, 

(4) -'St = 0 and Ss = St ^ s = t, 

(5) The critical formulas: 

• Pred: -is = 0 —>■ 3x s = Sx, 

• Epsilon: (j){t) —>■ 3x(/>(x), 

• Indnction: (/)(0) A —)• 3x {(j){x) A -^4>{Sx)), 

• Indnctive Definition: A{t, I) ^ t € I, 

• Closure: \/x{A{x, 4>) Vx(x G / —)■ ct){x)). 
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4. e-SUBSTITUTIONS 

Definition 4.1. A canonical expression is either: 

• a term of the form c(t) where c is a Skolem function and each ti is a 
numeral, or 

• a formula of the form t £ I where t is a numeral. 

We abbreviate the rank Q canonical term y by Cn- 

Definition 4.2. The rank, rk{c) of a function symbol c = c^x(j>{x,y) is given 
as follows: 

• If does not contain /, rk{c^^^(^^^^) = r/cs(c3x</.(a:,j/)(0)), 

• If (/) does contain / and is not i?(x, y,/), rA:(c 33 ,^( 3 , = Q+rks{c^x 4 >{y)(fi))+ 

1 , 

• rk{c^^^B(x,y,l)) = 

The rank of the formula t £ I is kl. 

When e is a canonical term c(t), we often refer to the rank rk{e) to mean 
rk{c). 

Definition 4.3. An e-substitution is a function S such that: 

• The domain of S is a set of canonical expressions, 

• If e € dom(5) is a term then S{e) is either a positive numeral or the 
symbol ?, 

• If e € dom(5) is a formula then S{e) is either T or the symbol ?. 

An e-substitution is total if its domain is the set of all canonical terms. 

Definition 4.4. If S is an e-substitution and ixi€ {<, <, =, >, >}, we define 
'S'xir = {(e, u) E S' I rk{e) cxi r}. 

Definition 4.5. The standard extension S is given by: 

S = S U {(e, ?) I e 0 dom(S)}. 

Definition 4.6. If t is a term, we define the reduetion of t with respect to 
S, 1^15, by induction on t: 

• If t is a canonical Skolem term in the domain of S and S{t) = 7 then 
\t\s = 0, 

• If t is a canonical Skolem term in the domain of S and S{t) ^ 7 then 
\t\s = S{t), 

• If f is a canonical Skolem term not in the domain of S then \t\s = t, 

• If t is a non-canonical Skolem term of the form c(.s) and for some i, 

|sj |5 is not a numeral then \t\s = c(|.§] 5 ), 

^Grisha would not have approved of this definition. Many, many drafts ago, he warned 
me that an inductive definition should not require this sort of exceptional case. This 
was, as always, good advice: in every other case where I have been tempted to do such a 
thing, finding the correct definition not only mooted the need to create an exception, but 
simplified other parts of the proof as well. In this case, however, I have been unable to 
find the correct definition, and the current one seems to work well enough. 
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• If t is a non-canonical Skolem term of the form c(s) and for every i, 
Isils is a numeral then \t\s = |c(|,s| 5 )|s’, 

• If t is a term of the form /(s) for some function symbol / of Peano 
arithmetic, and for some i, Isjls is not a numeral then \t\s is the 
term /(|^s), 

• If t is a term of the form /(^ for some function symbol / of Peano 
arithmetic, and for every i, |siI 5 is a numeral then = /(|^) where 
/ is the interpretation of / in the standard model. 

If (/) is a formula, we define jc/ils inductively by: 

• = R\i\s for any relation symbol R, 

• = |</>|s A I'lpls, 

• \4>'^i^\s = \4>\s V I'lpls, 

• h'/’Is' = 

• If \t\s is a numeral, \t\s € / is in dom(5), and S{\t\ G /) = T then 
It G/|5 = T, 

• If \t\s is a numeral, \t\s G I is in dom(5), and S{\t\ G /) = ? then 
|t G I\s = -L, 

• If \t\s is not a numeral or \t\s G / is not in dom(5) then \t G I\s = 

\t\s G I- 

We say 5 1= i;A if |i;A |5 is sentence in the language of Peano arithmetic which 
is true in the standard model. 

Note that it is possible to have S ^ 4> and S 
Definition 4.7. S decides (/> if 5 1= i;A or 5 1= ^cj). 

It is easy to check that if S is total then S decides all sentences. 

Lemma 4.8. (1) If all expressions in t have rank < r and S^r = S'^j. 

then l^ls = |t|s"- 

(2) If all expressions in have rank < r and 5<r = S'^j. then S \= (p iff 
S' \= (p. 

Proof. The hrst part is a straightforward induction on t. The second part 
is a straightforward induction on (p, using the first part. □ 

We would like our substitutions to be correct; for instance, if (c^j. 0 (a;,y) G 

S, it should be the case that S \= (p{n,i). To make this precise, we identify, 
for each (e, u), a formula F{e,u), with the expectation that F{e,u) should 
be true if (e, u) is to be put in S. 

Definition 4.9. 

f T if n = ? 

F{e,u) = I (p{u, t) A A^,<n i) if e = (f) and n / ? 

Aft, I) if e = t G / and tt A ? 

We say S is correct if for every (e,u) G S, S 1= F{e,u). We say S is 
computationally consistent (cc) if whenever {e,u) £ S, S -‘Ffe,u), and if 



6 


HENRY TOWSNER 


there is not an n such that (cn, u) & S with u ^ 1 and also (n € I, T) € S'. 
We say S is computationally inconsistent (ci) if S is not cc—if there is an 
(e,rt) € S such that S 1= -'F{e,u), or if for some n,u ^ 7, {cn,u),{n € 
I,T)eS. 

S is computing if for every (e, tt) & S, S decides F{e,u). 

Lemma 4.10. If rk{e) = r ^ Q., S F{e,u), and S^r = S'^j. then S' 1= 
F{e,u). 

Proof. When r Q, all canonical expressions occurring in F{e, u) have rank 
< r, so the claim follows from Lemma 14.81 □ 

Note that there are two types of canonical expressions of rank fl, formulas 
of the form n € / and the terms Cn (i.e. terms of the form y 

Definition 4.11. Expressions of the form n G I are positive rank Q expres¬ 
sions. We write 

<5=0°™ = {(e, T) G S I rk{e) = Q and e is a formula}, 

^+^erm = g 5 * | and e is a term}, 

and 

Q+ _ Q+,form I I Q+,term 

Expressions of the form c„ are negative rank H expressions. We write 

g g | = Q and 6 is a term}, 

‘S'=o°™ = {(e, ?) G 5" I rk{e) = It and e is a formula}, 

and 

Q— _ Q—,term , . q—, form 

The fact that positive and negative expressions can be separated by dis¬ 
tinguishing formulas from terms is an incidental feature of our formalism; 
the important fact is that I appears positively in F{e,u) when e is a pos¬ 
itive expression and negatively when e is negative. Rank It terms have 
cyclical dependencies— F{n G I,T) is the formula A{n,I), which contains 
C 3 x^Bix,y,i){n), while F{cj^^B(x,y,i),'m){n) is -nR(m, n, I), which may con¬ 
tain various expressions t £ I. The analog to Lemma 14.101 depends on the 
fact that I appears positively in B{x, y, I), so negatively in -'B{x, y, I), and 
so again positively in A{y,I). 

Lemma 4.12. Suppose rk{e) = 11, S' 1= F{e,u), and S'<n = S'^q. 

• If e is a positive rank H expression and (S'')”^^ C 5“^ then S' 1= 

F{e,u), _ 

• If e is a negative rank H expression and (S'')^q C Sfi^ then S' 1= 
F{e,u). 
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Proof. In the first case, F{e,u) is A{n,I) for some n, so if S' \f F{e,u), it 
must be because {c^x {x,y,i) G S' with some u 7. Therefore also 

{c 3 x^B{x,y,i){n),u) G S, so S ^ F{e,u). 

In the second case, F{e,u) is —'B{u,n, I) for some u,n. The only canon¬ 
ical expressions appearing in —'B{u,n, I) are expressions of the form t £ I, 
all of which appear negatively. The claim follows immediately using the 
monotonicity assumption. □ 

The main point of these definitions is the following: 

Theorem 4.13. Suppose that for every proof of a formula (p in IDi, there 
is a computing correct e-substitution S such that S \= p. Then IDi is 1- 
consistent. 

Proof. Suppose IDi h 3x(f){x,i) where (p is quantifier free and the t are 
numerals. Then IDI ^ 'P{c 3 x 4 i{i):i)- By assumption there is an S so that 
S 1= <Pic 3 x 4 >{i),i), and so p{c 3 x^{i),t) is a true quantifier-free formula, so 
3xp{x,if) is a true Si formula witnessed by the number C 3 x^{i). □ 

The following properties are standard mm- 

Lemma 4.14. * If cr is an axiom other than a critical formula then 

S \= a, and 

• If S \= p and S \= p ^ Ip then S \= p. 

Therefore to prove the 1-consistency of IDi, it suffices to show that for 
every proof in IDi, we can construct S satisfying every critical formula in 
that proof. 

4.1. History. Because IDi is impredicative, it is not enough to track sub¬ 
stitution values: when we want to make n £ I true, we also have to track 
the history which justified that. 

Definition 4.15. A substitution history is a pair P,V such that P is a 
finite sequence of distinct formulas, each of the form n £ I for some n, 
and y is a function whose domain is the set of formulas appearing in P 
and for each n G / in dom(I/), V{n £ I) is a finite e-substitution with 
{V{n£l))Z^ = V{n£l). 

P = {ni G nfc G /) is admissible if for each i < k, |P(0, n^, ^ 

is true. 

A historical substitution is a triple {S,P,V) where P,V is a substitution 
history and the sequence P is an ordering of dom(S'^^°™). 

Recall that is the set of n G / such that (n G I, T) £ S. 

We often equate historical substitutions {S, P, V) with just their substitu¬ 
tion 5; for instance, we speak of the domain of (5, P, V), by which we mean 
the domain of S. 

When we have a sequence of historical substitutions (5i, Pi, lA),..., {Sk, Pk, Vk), 
the sequences Pi represent the order in which formula n £ I appeared in 
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Sj for j < i. When we update Sk to 5^+1 by adding a formula n G I, we 
may have to remove terms of the form (cm,u) which are no longer correct, 
and we record these formulas in Vk+i{n € /). At some k' > k, we might 
add (cn,u} for some u ^ and therefore we should remove the formula 
n € I to preserve correctness. When we do this, we also return the formulas 
Vk+i{n G I) to S’fc'+i- If we did not do this, it would be possible for the 
process we describe below to get caught in a loop. 

4.2. The //-Process. From here on, let Cr = {Cro, ... ,C'r 7 v} be a fixed 
finite list of closed critical formulas. 

Definition 4.16. We say S is solving if for each I < N, S \= Crj. 

When S' is a correct nonsolving substitution, there are some (and possibly 
many) critical formulas Crj which are not currently satisfied by S; we wish 
to modify S to satisfy one of them. (Inevitably, doing so may cause formulas 
which were previously satisfied to become unsatisfied; the main work of this 
paper is showing that the resulting process eventually terminates.) To do 
this, we identify, for each unsatisfied Crj, a pair (e,u) which we could add 
to S to satisfy that particular formula. We will ultimately choose to add a 
pair minimizing rk{e). 

Definition 4.17. Let {S, P, V) be a historical substitution where S is correct 
and nonsolving. 

_ p y 

For I < N such that S Crj, define a term Cj’ ’ depending on the type 
of the formula Crj: 

(1) If Cri is a Pred axiom -is = 0 —>■ 3x s = Sx then 

spy 1 spy _ I I 1 

Bj and Vj pis' 

(2) If Cri is an Epsilon axiom ())(f) —>■ (p{x, ^ then 

spy \ A spy |,| 

e/’ ’ = C3a;|fli|^(ms) = fIs- 

(3) If Crj is an Induction axiom of the form (p{0, s) A ^ —>■ 
3x {(p{x, ^ A ^4’{Sx, ^) then 

6/ = (|0(x)|gA-.|</)(Sx)|^)(l'S|5) 

and is the least m < |t|^ such that S 1= but S 1= 

+ 1 , 

(4) If Crj is an Inductive Definition axiom of the form A{t, I) ^ t (z I 
then 

spy I,I ^ T A spy -r 

= |r|^ G I and Vj = \ . 

(5) If Crj is a Closure axiom of the form \/x{A{x, 4>{x)) -A (t>{x)) -A 

yx{x € I -A 4’{x)) then let n G / be the first formula in P such that 
S 1= We consider two cases; if 5 1= -'A{n, then we take 

spy _ 1 spy XN 

and Vj \B{x,y,if>)\^\ST1^)) ■ 
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Otherwise we take 

s,py _ A s,p,v _ 

A(a;,|(/)|^)A-'|0(a;)|^('5) and Vj Tl 

where s is the closed terms appearing in |</>|^. 

For each /, let = rk{e^’^’^). 

Definition 4.18. When (S, P, V) is a historical substitution with S correct 
and nonsolving, we let I{S,P,V) be the I such that is least among 

I < N with S \f Crj and I{S, P, V) is least among such /. 

We now describe how we update the historical substitution {S,P,V) to 
a new substitution H{S,P,V). We abbreviate I{S,P,V) by I. The two 
cases where are more complicated (and the essential ones for the 

extension of the process to IDi) so we describe them separately. 


Definition 4.19. Let {S,P,V) be a historical sequent with S correct and 
nonsolving. Let I be such that ’ is least among those I with S \f Crj 
and I is least among such indices. We set Cr{S, P,V) = Crj, r{S,P,V) = 
e{S,P,V) = and v{S,P,V) = We call e{S,P,V) the 

H-expression and v{S,P,V) the H-value. 

If > 17 then we set 

If < 17 then we set 

H{S,P,V) = ((S<,,s,P,v-) \ {(ef'’'*',?)})) U 1,i). 

S P V 

We now turn to the case where rf' = 17. In the positive 17 case we add 
a new n € I and must update P and V accordingly. 

Definition 4.20. If r{S, P,V) = 17 and is the positive 17 expression 

n £ I, we set 

HiS, P, V) = (5<o U 51^, U {{ef^’^, T)}, P^(n G I), F U {(n G I, SZ^)}). 


As in the r ^ Zl case, we remove all expressions of higher rank. We also 
remove negative expressions of rank 17—note that they may no longer be 
correct—but we record the expressions we have removed in V. 

In the negative 17 case we have potentially invalidated some (n G /, T). 
We wish to do more than just remove this element; we wish to restore the 
rank 17 part of S to the state it was at when we first added (n G /, T). 
(Note that we do not distinguish whether Crj was a Closure axiom of an 
Epsilon axiom which happens to have a term of rank 17 as its main term.) 

Definition 4.21. If r{S,P, E) = 17 and is the negative 17 expression 

Cn, we define: 

• P' is the longest initial segment of P not containing n £ I, 
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• S' is those (cm, ?) € 5 and those (m G /, T) such that m £ I appears 
in P', 

• if P''~'{n Gl)QP,V' = V{n G I), 

.ifp' = p, V' = SZ^. 

We set 

HiS, P, V) = (5<n US'UV'U {{cn,vp^'^)}, P', V \ P'). 


To interpret this definition, note that adding a negative ri expression may 
invalidate positive expressions. In particnlar, if (n G /, T) appears in 5, 
it conflicts with and must be removed; further, respecting the 

history P, V requires assuming that any m ^ I added after n ^ I might 
depend on n G / to be justified, so these must be removed as well. We also 
remove all (cm,?) other than those which must remain (because they are 
part of the justification of an m G / which comes before n G /). Finally, 
when we remove n G /, we should restore all those negative expressions 
which the addition of (n G /, T) caused us to remove, which is the addition 
of V'. 

This gives us the H -process: 


• {So,Po,Vo) = ( 0 , 0 , 0 ), 

. .o p V ( HiSk,Pk,Vk) 

(Sk+l,Pk+uVk+i)-^ 


if Sk is nonsolving 
if Sk is solving 


Lemma 4.22. Each is correct. 


Proof. By induction on A:. Sq is trivially correct. 

Suppose Sk is correct. First, suppose r{Sk, Pk,Vk) 7 ^ 0. If (e,u) G Sk 
then the result follows from the correctness of Sk, the fact that {Sk)<cr{Sk) ~ 
{Sk+i)<r{Sk)^ Lemma ilUl 

If (e,u) G Sk+i \ Sk then e = e{Sk,Pk,Vk), Cr{Sk,Pk,Vk) was a Pred, 
Epsilon, Induction axiom or the second case of a Closure axiom, and 
the definition of e{Sk,Pk,Vk) and the fact that {Sk)<r{Sk) = (‘S'fc+i)<r(Sfc) 
ensures that 5^+1 1= F{e,u). 

So suppose rk{Sk, Pk,Vk) = 0,. If (e, u) G Sk+i with rk{e) < Q then 
{e,u) G Sk and the result again follows from the correctness of Sk, the fact 
that {Sk)<r{Sk) = (‘S'fc+i)<r(Sfe), and LemmaSTHl 

If e{Sk, Pk,Vk) is a positive H expression then {Sk+i)ZQ = 0, so we need 
only consider If {e,u) G (5'fc+i)^(^°™ then Sk+i N F{e,u) 

because (*S'fc+i)=n = 0- 

Suppose e{Sk, Pk, Vk) is a negative Q expression c^. The case where (n G 
I, T) 0 Sk is much like the case where the rank is not Q. If (e, u) G {Sk+i)ZQ 
then Sk L F{e,u), and since (*S'fc+i)lf^ = {Sk)^Q we have Sk+i 1= F{e,u) by 
Lemma [4.121 If (e,u) G (<S'fc+i)^Q then either u = ?oreismG/; since 
m ^ n, {Sk+i)Zp = iSk)Z^ U {{cn,v{Sk, Pk,Vk))}, and Sk 1= F{e,u), also 
Sk+i^F{e,u). 
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Finally, consider the case where e{Sk, Pk,Vk) is a negative Q, expression 
Cn and (n G /, T) G Sk- Let j < A: be maximal so that e{Sj,Pj, Vj) is n G I — 
that is, the step from Sj to Sj+i was the step at which n ^ I was added. 
By a straightforward induction, Pj must be an initial segment of each Pj/ 
for j < j' < k, and therefore Pj = Pk+i- By the inductive hypothesis, Sj 
is correct. Note that {Sk+i)=n = iSj)=n U {{cn,v{Sk, Pk,Vk))} U S' where 
S' consists of some pairs (cm,?) where {m G /, T) G Sj. Then for each 
(e,u) G Sk+i, Sk+i b F{e,u) as in the previous case. □ 

What remains is showing that the FA-process eventually terminates: that 
is, that there is a A: with Sk+i = Sk, since such an Sk is necessarily correct 
and solving. 


5. Deduction System 

When we defined the FF-process, we defined it in terms of sequents {Sk, Pk,Vk) 
where Sk{e) is never ?, because we worked with Sk rather than Sk- However 
below it will be more useful to stay within S —in particular, to require that 
if (e, ?) is used in the computation of the H{S,P,V) then (e,?) is actually 
present in S. 

Definition 5.1. If S is correct and nonsolving, we say the H-step applies 
to {S,P,V) if all calculations in the computation of H{S,P,V) take place 
in S. 

If the FF-step applies to {S,P,V), we say e is active at {S,P,V) if e G 
dom(S'), rk{e) = r{S, P, V), and either e ^ dom{H{S, P, V)) or the value of 
e in H{S, P, V) is different from the value in S. 

When we say “all calculations in the computation of H{S,P,V)”, we 
include that if e{S, P, V) = c„ then n ^ I must be in dom(5), and conversely 
if e{S,P,V) = n ^ I then Cn must be in dom(5). We also include that if 
{cn, ?) G 5 and e{S, P, V) is a term of rank H then n € I G dom(S') (so that 
we know whether or not to include (c^, ?) G H{S, P, V). 

Note that if the FF-step applies to (5, P, V) and {S', P', V') is an extension 
of {S, P, V) (i.e. S' D 5, P' □ P, V' D V) and S' is still correct then 
{S',P',V') has the same FF-expression and FF-value as {S,P,V). Also, note 
that if the FF-step applies to {S, P, V) then (e(5, P,V),1) G S. 

When r{S,P,V) 7 ^ H, e is active at {S,P,V) iff e = e{S,P,V). When 
r{S,P,V) = H, however, other rank H expressions can also be active: when 
e{S,P,V) is a formula, all of SZq is active, and when e{S,P,V) is a term, 
many elements from S^q may be active. 

Definition 5.2. A sequent 0 = (5, P, V, F) is a historical sequence {S, P, V) 
together with a function 

P : {e G dom(5) | S{e) = ? or rk{e) = H} — {t, /}. 

When 0 = (5, P, y,P), we write 05 for S, @p for P, and so on. We 
write dom(0) for dom(S'). We often write {e,u) G 0 as an abbreviation for 
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(e,it) G Qs- We write Qt = {{e,u) G Qs \ &F{e) = t} and 0/ = {(e,rt) G 

0s I 0F(e) = /}. 

If ixiG {<, <, =, >, >} then we say 0 ix] r iff for every e G dom(0), rk{e) ex 
r. We write 0|xir for the sequent with 

• (0Mr)s ~ (0s)Mr) 


• (0Mr)p 

• (0Mr)y 

• (0txir)p 


0p 

if 17 X r 

0 

otherwise 

0u 

if 17 X r 

0 

otherwise 


Qp \ dom(0^r)- 


We extend H{S, P, V) to H{S, P, V, F); the only new complication is defin¬ 
ing how F should be defined on new expressions appearing in H(S, P, V) but 
not S—F should be equal to t on all such elements. 


Definition 5.3. We say the H-step applies to 0 = (5, P, V, F) if the F-step 
applies to {S,P,V). We write r(0) for r(S', P, F), and similarly for e(0) and 
u(0). We define a sequent H{Q) as follows; 

. H{e)s = H{S,P,V)s, 

• H{e)p = H{S,P,V)v, 

• H{e)v = H{S,P,V)p, 

• H{&)p P 0F f dom(i7(0)5), and if e G dom(P(0)5) \ dom(5) and 
either H{Q)s{e) = ? or rk{e) = then P(0)ir(e) = t. 

e is active at 0 if e is active at {S, P, V). 


It will be convenient to indicate adding a single element to a sequent 
by juxtaposition. We need several cases to cover the different amounts of 
information needed depending on the form of the expression we are adding. 


Definition 5.4. When e is a canonical term, rk{e) ^ Q, u ^ 7, and e 0 
dom(0), we write (e,u),0 for the sequent 0' such that: 

• 0^ = 05 U {(e,!/)}, 

• 0p = 0p, Qy = &V, 0p = 0F- 

When e is a canonical expression, i G {t,/}, and e 0 dom(0), we write 
(e, ?, i), 0 for the sequent 0' such that: 

. 0'5 = 05U{(e,?)}, 

• 0p = 0p, By = ©U, 

• 0'^ = 0p U {(e,i)}. 

When e is a canonical term with rk{e) = 17, i G u ^ 7, and 

e 0 dom(0), we write (e,u, f), 0 for the sequent 0' such that; 

• ©5 = ©s U {(e,^)}, 

• Bp = 0p, By = ©U, 

• 0p = 0p U {(e,i)}. 

If e is an expression of the form n £ I with e 0 dom(0), we say Pe is 
proper for e, 0 if; 
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• Pg is a finite sequence of distinct formulas of the form m ^ I, 

• if m € / is in Pe and {cm, u) € Q then u = 7, 

• Qp^Pg is admissible, 

• the last element of Pg is e, and 

• 0p and Pg are disjoint. 

When e is an expression of the form n € I, i £ {t, /}, Pg is proper for e, 0, 
and dom(14) is exactly those m £ I appearing in Pg^ we write (e, T, i, Pg, Vg) 
for the sequence 0' such that; 

• Q'g = 05 U {{m £ I,T) \ m £ I appears in Pg}, 

• 0'p = Qp-Pe, 

• 0'^ = 0y u w, 

• 0^ = 0p U {{m £ I,i) \ m £ I appears in Pg}. 

When we write {e,u),Q (or any of its variants), we always assume that 
e 0 dom(0). 

We now define a deduction system for our sequents. The axioms and 
inference rules are as follows. 

• AxF: 0 is an instance of AxF if 05 is computationally inconsistent, 

• AxS: 0 is an instance of AxS if 05 is solving, 

• AxHg^^: 0 is an instance of AxHg^y if the P-step applies to 0 with 
e = e(0), and v = v{Q), and there is an active P £ dom(0) with 
OF(e') = f, 

• Cutg'. When e is a canonical term with rk{e) p 17, 

(e,?,/),0 ••• (e,M),0 ... («GN) 

0 

• CutPrg-. When e is a canonical term with rk{e) p 17, 

(e, ?,7),0 ... (e, m), 0 ... (rt G N) 

0 

• CrttgWhen e is a canonical term with rk{e) = 17, 

(e,?,/),0 ••• {e,u,f),Q ... (mGN) 

0 

• CutPr^P'^’^: When e is a canonical term with rk{e) = 17, 

(e,?,7),0 ... {e,u,f),e ... (uGN) 

0 

• CrttgWhen e is a positive rank 17 formula, 

(e, ?,/),0 ... (e,T,/,Pg, 14),0 ••• (Pe is proper for e, 0) 

0 

• Frg-. 

(e,?,7),0 

0 

• Pe,v- 
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(e,?,i),0 

where the H-step applies to (e,?,t),0 with e = e(0), and v = 
n(0), and for every e' active in (e, ?,t),0, ((e, ?, t), 0)F(eO = If 
{e',u) E \ ((e,?,t),0) then iJ((e, ?, t), 0)F(e) = t. 

The various Cut and CutFr rules share a common form, so we could 
combine all three rules into a single rule stated slightly more abstractly; 
however, for clarity, we have stated the three cases separately instead. 

A deduction is a well-founded tree constructed according to the inference 
rules above. 

Definition 5.5. If S is a set of sequents, a deduction from <S is defined 
inductively: 

• If 0 E <S then 0, by itself, is a deduction of 0 from <S, 

• If 0 is an axiom then 0, by itself, is a deduction of 0 from S, 

• If I is an inference rule 

••• 0, ••• (zEX) 

0 

and for each z E X, d* is a deduction of 0j from S then I({dj}jgi) 
is a deduction of 0 from S. 

A derivation is a deduction from 0. 

We generally view deductions starting at the root and moving towards 
the leaf: our goal is to obtain a derivation of 0 consisting of only Fr and 
H inferences, since, as we will show below, such a derivation will prove that 
the dd-process terminates. We will start with a derivation of 0 consisting 
entirely of Cut (or its variants, so as we move away 

from the root we consider all possible values that an expression e could be 
assigned. 

These rules enforce that when 0j7’(e) = /, e is “fixed”—as we move further 
away from the root, a value (e,?) with 0j7’(e) = ? will never change. 0n 
the other hand when Qp^e) = t, we could encounter an H inference which 
removes (e, ?) and replaces it with (e, u). 

In any rule X^, we refer to e as the main expression of the rule. If d is a 
deduction ending in a Cutf, or CutFr^ rule (or an variant), we generally 
refer to the immediate subdeduction of (e, m), 0 as du- 

6. A Starting Derivation 

The construction of the original derivation in this section is the same as 
in [18] for e-terms e, the step described in Lemma [6.21 In Lemma (6. 3 1 we use 
Cutginferences to decide formulas n E /. 

Essentially, we attempt to evaluate the critical formulas; if our sequent 
is not already an axiom then it must be computationally consistent, non¬ 
solving, and the id-rule does not apply, so we will find canonical expressions 
which have not been assigned values. We apply a cut over some canonical 
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expression appearing in our critical formulas, and repeat the process for 
every premise of the cut. In order to show that the process halts, we always 
choose canonical subexpressions of formulas having the maximum possible 
rank. A small complication is presented by the fact that the evaluation of 
formulas in this way could lead us to something ill-founded if we insist on 
evaluating everything (for instance, if the formula A{n, I) includes n + 1 £ I 
as a subformula, we cannot expect to have a well-founded tree consisting of 
Cut-inferences where all AxH inferences are actually computing). 

This construction depends on the fixed set of critical formulas Cr = 

{Cro,... ,CrN}- 


Definition 6.1. For any sequent 0 and any set of formulas C, let 
F(0, C) = C U {F{e, u) I (e, u) G Os, e is a term}. 


Dehne: 


• p(&,C) = max{rA:^(|(()|eg) | cj) G F{e,C)}, 

• d{4>) is the total number of formulas t G I and Skolem terms appear¬ 
ing in 0, 




d{(f>) if rks{4>) = r 
0 otherwise 


• u(0, C) — IV ■ p{Q) + #<i>sF{0,c)dp{e,c){\4>\es)- 


Note that if S' C S" then d{\(j)\s') < d{\(p\s), and if e is a canonical expres¬ 
sion appearing in |(/)|s' and e G dom(5') then d(|(/)| 5 ') < (i(|(/)| 5 ). Therefore 
the quantity u(0) describes the highest rank appearing in F(0) (the iv- p{Q) 
term) together with the number of expressions we might have to add to 0 
before we can reduce that rank. 


Lemma 6.2. 7/0 is a sequent, (p G F{Q,C) with rks{\4>\Qg) = Pi^^C), 
and e is a canonical term appearing in |(()|e _5 with rk{e) ^ fl, then there is a 
deduetion of Q from sequents Q' with v{Q',C) < v{Q,C) consisting entirely 
of Cut-inferences of rank <17-1- p{Q, C). 

Proof. We deduce 0 from sequents (e,u),0 using a Cutg-inference. It suf¬ 
fices to show that u(((e, u), 0), C) < u(0, C). 

Observe that F(((e, u), 0), C) = F{Q,C)U{F{e,u)}. If p{{{e,u),Q),C) < 
p(0, C) then certainly u(((e, u), 0), C) <u(0,C). Suppose p(((e, u), 0), C) < 
p{Q,C); then since rks{F{e,u)) < rks{e) < p{Q,C), F{e,u) does not con¬ 
tribute to u((e,u),0). For each xp G F{Q,C), we have rks{\'4>\pe^u),e)s) — 
rksdiplsg), and if rA:s(|V’|((e,«), 0 )s) = rks{\x{;\eg) then for every subterm 
in |V’l((e,u), 0)5 there is a corresponding term with rank at least as high in. 
Moreover, (i(|</>|((e,n), 0 )s |) < rf(|</>| 0 s)> so u(((e, u), 0), C) < n{Q,C). □ 

Lemma 6.3. If 0 is a sequent, p G F(Q, C), and e is a canonical formula 
appearing in |<^| 0 s then there is a deduction of 0 from sequents Q' with 
u(0',C) < u(0,C) consisting entirely of Cut-inferences of rank < 71. Fur¬ 
thermore, if rks{\4>\0s) ~ Ihen the deduction of Q is from sequents 

0' with u(0',C) < u(0,C). 
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Proof. We deduce 0 from sequents (e,?,/),0 and {e,T, f, Pe,Ve),Q using 
a C'Mt^’*^°™-inference. The claim follows as in the previous lemma. □ 

Lemma 6.4. If Q is a sequent, cj) G F{Q,C) with rks{\(p\Qg) = p(0), and 
e is a canonical term appearing in |0|es with rk{e) = then there is a 
deduction of Q from sequents 0' with i/{Q',C) < n{Q,C) consisting entirely 
of Cut-inferences of rank < p(0, C). 

Proof. We deduce 0 from sequents (e, u), 0 using a Cute-inievence. For each 
(e,u), 0 , we apply the previous lemma repeatedly (at most once for each 
n & I appearing in F{e,u)), to obtain leaves 0' where rks{\F(e,u)\Qi^) = 0. 
Then the claim follows as in Lemma 16.21 □ 

Lemma 6.5. For any 0 and C, there is a deduction of consisting of Cut- 
inferences of rank < 17 + p{Q, C) from correct sequents 0^ such that for each 
(f G F{Q,C), 0'^ decides (f. 

Proof. By induction on i^{Q,C) and repeated applications of Lemma ( 6.21 
Lemma 16.31 and Lemma 16.41 we obtain a deduction of 0 from sequents 0' 
where, for every cj) G F{Q') with rks{\(p\Qi^) = p{Q'), there are no canonical 
expressions in Such a sequent must have a formula in the 

language of Peano arithmetic for each (f> G F{Q, C), so 0'^ decides each such 
(/). If 0' is correct, we are done. 

If 0' is not correct, it must be because there is some (e, u) G 0' with 0'^ 1= 
-^F{e,u)] if F{e,u) G F{0,C) then 0g decides F{e,u), so 0^ 1= -^F{e,u), 
so 0' is an instance of AxF. Otherwise e must be a formula n (z I and 
u = T. If c„ G dom(0'), if 0g(c„) ^ ? then again 0' is an instance of AxF. 
We cannot have 0g(c„) = ? or 0 dom(0'): since 0'g decides B{0,n,I) 
then properness of 0'p implies admissibility of 0 p, which (together with the 
monotonicity of B) implies that |i?(0, n, L)| 0 ^ must be true, so 0^ 1= F{e, u), 

contradicting the assumption that 0'^ 1= -iF{e,u). 

□ 

Lemma 6.6. For any 0, there is a deduction of consisting of Cut-inferences 
of rank < 17 + p{0, C) from correct sequents 0' such that: 

• for each (f G F(0, C), 0'g decides cj). 

• if Crj is an Induction axiom i;/>(0, s) A ^(j){t,s) 3x{4>{x,F) A 

^(j){Sx,F)) such that 0' 1= -iCr/ then for all m < |7|0/^ + 1, 0^ 
decides 4>{m, F). 

Proof. By the previous lemma applied to 0, C U Cr, there is a deduction of 
0 from sequents satisfying the first clause. So assume 0 already satisfies 
the first clause. Call an Induction axiom Crj unfinished at 0 if the second 
clause does not hold for Crj. We proceed by induction on the number of 
unfinished Induction axioms in 0; if there are none, we are finished. 

If ^(0, s) A ^4>{t, F) 3x{4>{x, s) A ^(j){Sx, s)) is an unfinished axiom, the 
first assumption implies that |t|©g is a numeral n. We apply the previous 
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lemma to 0, s) | m < n-|-1} to obtain a deduction of 0 from sequents 

satisfying the first clause. Any axiom finished in 0 will be satisfied in all 
sequents 0', so the claim follows by the inductive hypothesis. □ 

Lemma 6.7. For any 0, there is a deduction of consisting of Cut-inferences 
of rank < 0 + p{Q, C) from sequents 0' such that: 

• for each 4> G F{Q,C), Q'g decides cf. 

• if Crj is an Induction axiom (/>(0, s) A ^<f>{t,s) —>■ 3x{4>{x,s} A 

^4>{Sx,s)) such that 0' 1= ->Cr[ then for all m < + 1, 0^ 

decides s), 

• if Cri is a Closure axiom Vx(A(x, (/>(x)) —>■ 0(x)) —>■ Vx(x G / —>■ 
(/>(x)) such that 0' 1= ^Crj then, taking n a I to be the first formula 
in P sueh that 0' 1= ^(p{n), for all m a I appearing before n £ I in 
P (ineluding n), 0' decides 4>{m) and A{m,4>{m)). 

Proof. By the previous lemma applied to 0, CuCr, there is a deduction of 0 
from sequents satisfying the first two clauses. Again we call Crj unfinished 
if it is a Closure axiom violating the third clause. We proceed by induction 
on the number of unfinished axioms; if there are none, we are finished. 

Suppose Crj = \/x{A{x,(f{x)) —>■ i?i(x)) —)■ Vx(x G I —>■ <f{x)) is an un¬ 
finished axiom. Since 0 1= -^Crj, we must have 0 1= 3x(x G / A -<4>{x)), 
so there is some n G / in P so that 0 1= —'(j){n). We apply the previ¬ 
ous lemma to 0,{(f{m), A{m,4>{m)) | m G / appears before n G I in P} U 
{(/)(n), A{n, (f){n))}. Any axiom finished in 0 will be finished in all sequents 
0', so the claim follows by the inductive hypothesis. □ 

Theorem 6.8. There is a derivation of 0 consisting of Cut-inferences of 
rank < 17 + /?(0, Cr). 

Proof. We apply the previous lemma to 0, Cr. We claim that all sequents 
0' satisfying the three clauses in that lemma are axioms. Suppose 0' is not 
an AxF or AxS axiom. The only way the P^-rule fails to apply to 0' is if 
there is a (c^,?) G 0^ such that 0' fails to decide n G /; there are finitely 
many such n G I, so by finitely many applications of Lemma 16.31 we may 
derive 0' from instances of the AxH axiom. □ 

7. Predicative Cut-Elimination 

7.1. Outline of Predicative Cut-Elimination. 

Definition 7.1. Let d be a deduction. If A G {Cut,CutFr, Fr, H, HS} 
and COG {<,<,=,>,>} then we say A(d) co r if every application of a rule 
X, or in d has main expression with rank tx] r. 

We say d is an r-deduction if Cut{d) < r, CutFr{d) < 0, Fr{d) > r, and 
H{d) > r. 

We say d is an r~^-deduction if Cut{d) < r, CutFr{d) = r, Fr{d) > r, 
and H{d) > r. 
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The basic operation in the cut-elimination proof is to take an r -|- 1- 
derivation of 0 and convert it to an r-derivation of 0. As an intermediate 
step, we produce an r'*'-derivation, since an r'*'-derivation may be pruned 
(Lemma I7.2p to an r-derivation. The conversion of an r -|- 1-derivation to an 
r■'“-derivation takes place inductively, beginning at the axioms. The main 
step occurs at the Cute rule with rk{e) = r\ suppose we have, inductively, 
converted all branches of some Cute rule to r“’'-derivations; 

AxHeu 


r'*'-derivation d? 


( e ,?,/),0 


(e,u),0 


0 . 


r+-derivation d,. 


Cute 


:^r -|- 1-derivation 


We should replace the Cute rule with a CutFre rule, which is permitted 
in an r^-derivation. This means setting e to be temporary everywhere in 
the branch above (e,?,t),0 (that is, if 0' is some sequent appearing in the 
branch above (e, ?,t),0, we should replace it with 0'' which is identical 
except that Qp{e) = /); this is Lemma I7.1UI This invalidates all AxHe^u 
axioms above (e, ?, /), 0; these axioms must be replaced by He^u inferences, 
and we must produce an r'*'-derivation of (e, u) to place above them: 

? 


r'’'-derivation d? 


(e, u), L]<y. 
(e,?,t),S 

(e,?,t),0 


He 


0 . 


y>r+-derivation du 

I 

- CutFre 


: \r + 1-derivation 

0 ^ 


If 0 were equal to 5]<r, we could simply place du as ?. We will have to 
make some modifications to du to make it a deduction of (e, u), S<r. There 
are two sources of differences between T,<r and 0, corresponding to ways 
d? might have modified expressions of rank < r and ways d? might have 
modified expressions of rank > r. 

We consider the < r case first; the derivation d? is an r+-derivation, so 
the only inference rules modifying the expressions of rank < r are Cute' 
inferences. There might be both CutFrp and inferences with rk{e') = 
r; importantly, however, if an He'^u inference appears, we have (e',7,t) ^ 
0: the branch d? can introduce new rank e' terms with a CutFre', and 
then higher-up those terms might be modified with He'^v inferences, but 
the branch does not remove any expressions of rank < r from 0. (This 
property is formalized in Lemma 17.41 1 We attempt to copy these over to 
du by replacing each sequent Q' in du with 0' U S<r; the only obstacle is 
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if there is a Cute' or CutFrg/ inference in du with e' E dom(S<r \ 0): if 
(e', v) E T,<r then 


(e',?,t), (e,u), A' 


ie',v), (e,t6), A" 
ie,u),A' 


(e,M), A' 
{e,u),A 


ie',v), (e 

CutFre'u (s',v),(e 

^ becomes ^ 

{e,u 


(e, u 

ie,u),e 

(Note that, since {e',v) E S<r, we include it in the deduction on the 
right only for clarity: {e',v), {e,u), A" U S<r = (e, tt),A" U 5]<r.) This 
transformation is the content of Lemma O This step is why we need 
to use the CutFr inference as an intermediate step: during the process of 
converting an r + 1-derivation to an r'*'-derivation, we need to keep the 
side branches around. After we’ve converted the whole deduction to an r'*'- 
derivation, the side branches are no longer needed, so we prune them to 
obtain an r-derivation. 

We turn to the second class of differences between S<j, and 0: 0 contains 
terms of rank > r which were deleted in S<r. To restore these, we produce 
a deduction of {e,u),T,<r from {e,u),Q U T,<r- To do this, we consider the 
path from 0 down to 0. The only inference rules in this path affecting 
expressions of rank > r are s-nd Fr^/ rules. In Lemma 17.91 we simply 
repeat the same sequence of and Fr^,/ rules (ignoring all Cut rules in 
the path, since any expression introduced in a Cut rule in p is still present 
in S<r): 


du U 


repetition of p< 


^(e, u), 0 U S<r 


(e, n), Lj<y. 

(e,?,t),0 


H, 


(e,u),0 


0 . 


CutFrp 


: >path p 


7.2. Predicative Cut-elimination. 

Lemma 7.2. If d is an r~^-deduction of 0 from S then there is an r- 
deduction of 0 from S. 


,u),A"uE 
u), A' U S 
),AUS<^ 
),0US<^ 
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Proof. Prune every CutFr inference to an Fr inference. □ 

Lemma 7.3. If 0 is a sequent in an r + 1-deduction of 0 then Qt > r and 
Qf < r. 

Proof. By induction on d beginning from the root. This is trivial for 0. If 
0 appears in the premise of a Cute or Cut^ rule with conclusion 0' then 
Qt = Q't and 0/ C 0'/ U {e}, and rk{e) < r. If 0 appears in the premise 
of a Tre rule with conclusion 0' then Qt = Q't U {e} and rk{e) > r + 1 and 
Qf = Q'f. If 0 appears in the premise of an He,v rule with rk{e) ^ H with 
conclusion 0' then Qt C Q't and Qf = Q'f. If 0 appears in the premise 
of an He^v rule with rk{e) = fl, still Qf = 0'/, and if e G 0t \ Q't then 
rk{e) = H > r. □ 

Lemma 7.4. IfT, is a sequent in an r^-deduction of Q with r ^ fl then: 

• 0<r \ 0t C S, 

• (S/)>. c 0 , 

• If Qt > r then St > r, 

• if r > H then Qp is an initial segment of Up. 

Proof. Consider the path from 0 up to S. The only inference rule which 
could cause an element of 0<,. to be removed is H, which can only happen 
to elements in Qt. The only way to add a fixed element is with a Cut 
inference, but all Cut inferences have rank < r. The only way to add a 
temporary element is with a CutFr ox Fr rule, which have rank = r and 
> r respectively, so if 0t > r then St > r. The only way to modify the P 
component in an r^-deduction with r > It is with a rule. □ 

Definition 7.5. Let 0 and S be two sequents. Then 0 and S are compatible 
if: 

• Qs U Ss is a function, 

• 0i7’USi7’isa function, 

• Either Qp extends Sp or Sp extends Qp, 

• For each n G / in both shorter of 0p and Sp, either Qv{n G /) C 
Su(n G I) or Su(n G /) C 0v'(n G I). 

If 0 and S are compatible, we write 0 U S for the componentwise union— 
(0US)s' = 0s'USs', (0US)p = 0pUSp, (0US)p is the longer of 0p and 
Sp, and (0 U S)y(n G /) = Qv{n G /) U Su(n G I) (where Qv{n G /) = 0 
if n G / ^ dom(0u), and similarly for Sy). 

Lemma 7.6. If 0 and S are compatible then 0 U S ts a sequent. 

Lemma 7.7. Suppose d is an r^-derivation of Q with r ^ Pt. Let S < r 
he a correct sequent such that 0 and S are compatible, (S/)>r C 0, and 
T,t > r. Then there is an -derivation d U S o/ 0 U S. 

Proof. By induction on d. Consider the final inference of d. 

Suppose the final inference is Cute or Cutgso rk{e) < r. If e ^ 
dom(S) then for each u, we apply the inductive hypothesis to obtain U S 
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and then apply a Cutg. We cannot have e since rk{e) < r and T,t > r. 
If e € dom(S) then dss(e) U S is the desired deduction. 

The case is similar. If e G dom(S) and S 5 (e) = ? then we take 

d? U S as the desired deduction. If 5]s(e) = T then we let P' be the initial 
segment of Sp ending in e, and let Pg = P' \ Op; we then take dp^y^p^ U S 
as the desired deduction. If e ^ dom(5]) and Sp C 0p, we proceed as for 
a Cutg, applying a inference to the deductions dp^y^ US. If Sp 

properly extends 0p, we have to trim the branches; let P = Sp \ 0p, and 
for each Pg proper for e, 0 U S, let P'g be P'~'Pg and let = I 4 U (Sy f P). 
We apply a inference to the deductions dp^^ ,Vi u S. 

Suppose the final inference is CutPrg, so rk{e) = r. If e 0 dom(S) then 
again, for each u, we apply the inductive hypothesis to obtain d^jUS and then 
apply a CutPr. We cannot have e G S/ since rk{e) > r and (S/)>,, C 0. 
If e G dom(S) then ds 5 (e) U S is the desired deduction. 

Suppose the final inference is Frg, so rk{e) > r. Then e ^ dom(S), so we 
apply Frg to d' U S. 

Suppose the final inference is Hg^^, so rk{e) > r, 0 = (e,?,t),T, and 
the premise is 0' = (e, m), Since S < r < rk{e), removing e from 

S cannot change the correctness of S, so let S' = S — {e}, so (S'/)>r C 
0'. Therefore S' and 0' are compatible, so we may apply the inductive 
hypothesis to obtain a derivation d' * S' of 0' * S', and d * S is obtained by 
applying Hg^y to d' * S'. 

Note that any axiom remains an axiom after a union with S (though it 
is possible for one axiom to change to a different axiom). □ 

Definition 7.8. An r-path is a sequence 0o,..., 0n with Qq = 0 appearing 
as a path in some r-deduction. 

Lemma 7.9 (Repetition). If (Qq, ■ ■ ■, On) is an r + 1-path with 0 = 0^, 
T, < r is a correct sequent, Q<r ^ S, and if r > H then Op is an initial 
segment of Up and for each n II I in dom(0y), Qv{n G /) C Sy(n G I), 
then 0 and S are compatible and there is a deduction of S from 0 U S 
consisting only of Fr and H inferences of rank > r. 

Proof. By induction on n. This is trivial when n = 0. Suppose n > 0; let 
0' = 0n-i- The inference rule between 0„ and 0^-1 is one which can occur 
in an r + I-deduction, so 0'<^ C 0<r. Therefore the inductive hypothesis 
applies to 0', and there is a deduction of S from 0' U S. Consider the 
inference between 0 and 0 ': 

• Cutg, Cut^: Then {e,u) G 05 for some u, and since rk{e) < r, 
(e, u) G S 5 , so 0' U S = 0 U S. 

• Frg. Since rk{e) > r, e ^ dom(S 5 ), so an Frg axiom derives 0' U S 
from 0 U S. 

• Hgy. 0 = (e, u), 'T<rk(e) where 0' = (e, ?, t), T. Since rk{e) > r + 1, 
(e, ?) ^ S 5 , so Hg^u gives a deduction of 0' U S from 0 U S. 

□ 
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Lemma 7.10. Let d be a deduction of (e, u, /), 0. Then there is a derivation 
d' of {e,u,t),Q from sequents S where the H-rule applies and e is active, 
such that every inference rule in d' appears in d. 

Proof. By induction on d. Consider the last inference; if the last inference 
is anything other than an AxH^^v, we apply the inductive hypothesis to all 
premises and then the same inference rule. 

If (e, M, /), 0 is an instance of AxH^^v and e is not active then (e, u,t),Q 
is also an instance of AxH^^v If e is active then we may leave (e, u, t), 0 as 
a leaf. □ 

Theorem 7.11. Let d be a derivation of Q ending in a Cute with rk{e) = 
r ^ Ll such that the immediate subderivations are r~^-derivations and there 
is an r + 1-path for the endsequent. Then there is an r~^-derivation d' of 0. 

Proof, d? is an r'*'-derivation of (e,?,/),0. By Lemma 17.101 there is an 
r'''-deduction d'-, of (e, ?,t),0 from sequents (e,?,t),T where e is active. 

Consider some such sequent in d?. We may derive it by an He,u inference 
from S = (e, m),T<j,. Since S is the result of an dd-step, S is correct, by 
Lemma ITIHI we have 0<rt = 0, so by Lemma 17.41 we have 0<r C S. By 
Lemma Ea S U 0 is defined, and there is a deduction of S from S U 0. 

du is a deduction of {e,u),Q, and by Lemma f7.4l we have (S/)>r C 0 
and, since Qt > r, also St > r, so by Lemma 17.71 d^ U S is an r^-derivation 
of 0 U S. 

So we have an r^-derivation of each leaf of d?, giving an r^-derivation 
d" of (e, ?, t), 0. We obtain the desired deduction d' by applying a CutFre 
inference to d" and the d„. □ 

Theorem 7.12. If d is an r -1- 1-derivation of 0 with r ^ Q and 0 has an 
r + 1-path then there is an r~^ -derivation d' of Q. 

Proof. By induction on d. Consider the last inference of d; if the last infer¬ 
ence is anything other than a Cute with rk{e) = r, the claim is immediate 
from the inductive hypothesis. 

Suppose the last inference of d is a Cute with rk{e) = r. We apply the 
inductive hypothesis to obtain r'''-deductions d(^ of (e,u),0. We may then 
apply the previous theorem to obtain the desired r^-derivation. □ 

We also need a slightly more complicated version of this argument when 
we have an Q-derivation. 

Theorem 7.13. If d is an Ll-derivation of Q and 0 has a path consisting 
of H and Fr rules of rank > 12 and Cut rules of rank < r then there is an 
r - derivation d' o/0. 

Proof. By induction on d. Note that the path is an s-path for all s > r. 
Consider the last inference of d; if the last inference is anything other than a 
Cute with rk{e) > r, the claim is immediate from the inductive hypothesis. 

Suppose the last inference of d is a Cute with rk{e) > r. By the inductive 
hypothesis, there are rk{e) -I 1-derivations dg of each {e,u),Q. Combined 
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with an application of Cute, we have an rk(e) + 1-derivation of 0 with an 
rk{e) + 1-path, so by rk{e) —r+ 1-applications of Theorem 17. 121 and Lemma 
Ea there is an r-derivation of 0. □ 


8. Impredicative Cut-Elimination 

8.1. Outline of Elimination of rank Q Cuts. When rk{e) ^ fl, the 
formula F{e,u) depends only on expressions of rank < rk{e). At rank 
fl, this breaks down, and the dependencies can even become circular. In 
the method of local predicativity, this is resolved by stratifying the rank fl 
expressions so that we can assign ranks which are countable ordinals. As 
noted in the introduction, we avoid that approach here, but the idea that 
this should be possible motivates our construction. 

Informally, we can identify which rank expressions have an “effective 
rank” which is higher or lower than another expression. By effective rank, 
we do not mean a formal assignment of ranks to expressions; rather, we 
mean that we can identify which expressions behave as if they have lower 
rank than others in the context of a particular historical substitutions. The 
essential behavior of rank is the following: 

e has lower effective rank than e! if and only if, in an iL-step 
with main expression e, e' is removed after the iL-step. 

Our procedure for eliminating the rank fl cuts is to arrange the process in 
an order which respects the effective rank. 

The main complication in our setting is that the effective rank of e is 
determined at the moment an H-siep occurs—that is, we cannot expect to 
go through an n -|- 1-derivation and assign effective ranks to individual Cut 
inferences; rather, we must assign the effective rank at AxH axioms. 

Given an 11 -|- 1-derivation of 0, we first eliminate all AxHc„ axioms 0 
where (n € L, T) ^ 0; in such axioms, Cn always has maximal effective 
rank (since if {e,u) € 0 with u ^ ? and rk{e) < Q, then {e,u) is also 
present in H{Q)). Along the way we will convert all inferences 

into CutFr^'^^'^'^, but we will not prune them, since they will also be needed 
in the following step. 

We describe what this process looks like; the main difficulties are caused 
by eliminating AxHc^ where {cm, ?) is present for several other values of 
Cm- In particular, different things can happen depending on whether the 
Cut inference introducing Cm occurs above or below the Cut inference in¬ 
troducing Cn- 0UI' definitions have been rigged to make this go as smoothly 
as possible, as we now illustrate. For simplicity, we illustrate the case with 
three Cut^’^^^'^ inferences in immediate succession where we eliminate the 
middle one, since this demonstrates all the important features. 

We begin with an 11 -|- 1 derivation like this: 
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(Cfc,?,/),(Cn,?,/),(Cm,?,/),S 

(cfc,?,/),(Cn,?,/),(Cm, ?,/),© 

(Cfc,?,/), (Cn, ?,/),© 


AxHr 


Cute 


(Cfc, ?,/),© 


Cutr 


© 




Cfc 


After elimination, we get the derivation 


(cfc,?,t),(c„,'u,t),©US* 
(c„,'u,t),© U S* 


CutFre^ 


(cfc,?,t),(Cn,?,f),(Cnt,?,t),© _ 

(Cfc,?,t),(cn,?,t),© 

(Cfc,?,t),© 


CutFvc 


m 


© 

0 


CutFrc„ 


CutFre^ 


The main complication is that we need to insert a Cut Fra. when we carry 
out repetition. In order to have the extra derivations needed to construct 
the side branches, we will use a more complicated inductive hypothesis. 

We turn to the second stage, where we eliminate all remaining AxFf 
axioms of rank fl—that is, all the AxH axioms where a formula is changed 
(either from negative to positive or positive to negative). Here we need some 
additional work to ensure that we eliminate AxH axioms in the right order. 
The basic issue is this: suppose we have an AxHn^i axiom 0; we expect 
to replace it with an //-inference. As in predicative cut-elimination, we will 
have a derivation dy which we intend to modify into a derivation of H{Q). 
The issue is that, in the derivation above H{Q), all //-steps which keep 
(n € /, T) have higher effective rank than n € I, while all //-rules for Cn 
have lower effective rank. This means that when we place dy above //(©), 
we should have already eliminated all AxH axioms S of rank H such that 
n € / is in H{T,)p; on the other hand, any AxHc^ axiom where m = n or 
m ^ I appears before n G / in 0p should be eliminated later. 
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The simplest case goes as follows. Suppose we have a derivation where 
this situation occurs. (The order of the CutFr and Cut is not particularly 
significant.) 


ic „,g /.?,/).£ 


AxHn^I ,T 


(n G 




CutFr 


(n G /, T,/, P, y),0 


dpA 


Cut 


0 

As we proceed inductively, we first apply cut-elimination to the side- 
branch dpy, at the conclusion of this process we have an fl-deduction d'py 
of (n G /, T, /, P,V),Q with the property that every AxH axiom T of rank 
Q has //-expression Cm with either m = n or m G / appearing before n ^ I 
in P. (In particular, (n G /, T) will not be present in //(T).) 

We do not apply cut-elimination to du yet; instead we carry the unmodi¬ 
fied derivation du along as part of the inductive process. When we eliminate 
this AxH axiom, we place d'py above it (using the same process as in the 
predicative case—repeating the path to 0 and then taking a union with 
d'py). We also modify d'py by replacing (n G /, T,/) with (n G /, T,t). 
This causes certain AxH axioms to be invalid—specifically, exactly those 
axioms with Cn as the //-expression. 

We do a further elimination step with these axioms, using the derivation 
du which we carried along. As always we perform the repetition step and now 
we apply our process inductively to du (while simultaneously performing the 
union step). This is the correct order—we should apply cut-elimination to 
du after we have placed d'py on top of S, since this respects the effective 
ranks—but it leads to a complicated inductive ordering which is specified in 
Section 18.31 

8.2. Leaving Formulas Alone. Throughout this subsection, when the H- 
step applies to (e, ?), T where e = e((e, ?), T) and rk{e) = Q, we will write 
T* = //((e,?),T). 

We need a notion intermediate between the 11-1-1 and H^-deduction: 
Definition 8.1. We say d is an n*-deduction if: 

• Cut{d) < H, CutFr{d) = H, Fr{d) > Q, H{d) > Q, 

• There are no inferences in d. 

We introduce the following, basically ad hoc, notion to help us keep track 
of the rank H elements which remain fixed in ll*-deductions: 

Definition 8.2. We write 0s = 0=f7U0^J^“™U{(cm, ?) G 0 | (m G /, T) G 
0 }. 

Note that 0s is the part of 0=o which is kept after an //-step with 
//-expression Cm where m G / is not in 0p. 

We need an analog of Lemma 17.71 suitable for this context: 
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Lemma 8.3. Suppose d is an 0.*-derivation of Q and S is a sequent such 
that: 

• S is correct, 

• 0 and S are compatible, 

• T, < Q, 

• c Ss n St, 

• St > Q, 

• (0US)f^[f C (0US)/. 

Then there is an Q*-derivation d U S o/ 0 U S. 

Proof. By induction on d. Consider the final inference of d. If the final 
inference is a Cut,,, a Crttg’^™™, an Fr^, or an Hf. with rk{e) > Q, we 
proceed as in Lemma FTTl 

In the case of an He inference with rk{e) = fl, we have to note that 
since there are no temporary formulas in 0, the dl-expression must be a 
term Cn- Since the H-vule applies to 0, n € / must be in dom(0), and 
since n & I cannot be active, (n € 1,7) € Qs- Therefore (n € 1,7) £ 
(0 U T,)s, so the only active expressions 0 U S are (0 U \ (0 U S)s. If 

{cn, ?) G (0 U \ (0 U S)s then either (cn, 7) £ 0=^^™ \ Qs (in which 

case Qpicn) = t because Cn is active in 0) or (cn,?) £ C St. We 

must check that the dd-rule still applies; the only possible obstacle would 
be if (cm,7) G 0 U S but m £ I ^ dom(0 U S). But if (cm,7) G 0, 
m £ I £ dom(0) C dom(0 U S) because the dd-rule applies to 0, and if 
(cm, ?) G S then {cm, 7) £ Ss, so (m £ I,T) £ S. So we may derive 0 U S 
by an dl-rule from 0' U S. (Note that, unlike the predicative case, we do 
not delete elements from S when we apply the inductive hypothesis.) 

Suppose the final inference is a If e G dom(S) and S 5 '(e) = ? 

then we must have S 5 (e) = t (since (e, ?) ^ 05 ), so we may take d? U S. 

Suppose e G dom(S) but S 5 (e) ^ 7. If T,p{e) = f, we may take dss(e)0^' 
Suppose Si7’(e) = t; we apply the inductive hypothesis to obtain a deduction 
c^Ss(e) U (S \ {(e,S 5 (e),t)}) of (e, E 5 (e),/), 0 U (S \ {(e, E 5 (e), t)}). By 
Lemma FT.IOl we obtain a deduction d' of 0US from sequents where e is active. 
Suppose e is active at some sequent T; then e(T) is a formula, and therefore 
must be fixed in T (since 0 U S contains no temporary formulas, and no 
inference rules in an n*-derivation can introduce temporary formulas), so T 
is an instance of AxH. Then d' is the desired derivation. 

If e 0 dom(S), we apply the inductive hypothesis to obtain n*-derivations 
of (e, M, i), 0 U S and apply a inference to obtain the desired 

derivation d' of 0 U S. □ 


Definition 8.4. If 0 is a sequent, we write for the sequent where: 

• 0te™^* = Qs, 0)!''“^* = Qp, = 0^., and 

• 0)S™^*(e) = 


t 

0p(e) 


if rk{e) = fl, e is a term, and 05 (e) = ? 
otherwise 
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Lemma 8.5. Suppose (0o, • • •, On) is an + 1-path in an + 1-derivation 
with 0 = 0n and T, is a correct sequent such that: 


'E<Vt, 

0 term—\ 0 term— 


0 —.term ^ v^ —.term 

• if (e, u) G with u ^ 1 then (e, ?) 0 0 , 

• 0p is an initial segment ofT,p, and 
• for each m £ I in Qp, 0\/(m G /) = Tivijn G I). 
Then 0^™^* and S are compatible. 


Proof. By induction on n. This is trivial when n = 0. Suppose n > 0; let 
0' = 0n-i- Since the inference between 0n-i and 0 is one occurring in 
an n + 1 -derivation, the inductive hypothesis applies, so 0 n-i and S are 
compatible. If this inference is anything other than a inference, 

we proceed as in Lemma 17.91 

If this inference is a inference, we have (e, u) G 0. If u 7 ^ ? then 

(e,u) G S. If u = ? and (e,u) G S then since (e, ?) G 0, u = ?. Otherwise 
e ^ dom(S). □ 


Lemma 8.6. Suppose {Qq, ..., 0^) is an Vt, + l-path with 0 = 0„ and S is 
a correct sequent such that: 


T,<n, 

Qterm^t \ ^ 


© — .term ^ —.term 

• if (e, u) G with u then (e, ?) ^ 0, 

• C Ss n St, 

• T,t > Cl, 

• c s/, 

• Qp is an initial segment of Tip, and 
• for each m £ I in Qp, Qv{rn G /) = Sy(m G I). 

Suppose that for each i < n such that Oj-i-i = (e,?,/),0j where rk{e) = 
H and e is a term, there is a family {de,v} such that each de,v is an Cl*- 
derivation of (e, v, /), 

Then there is a derivation d of T, from u S consisting only of H 

and Fr inferences of rank > II, and CutFr^’^^'^'^ inferences. 


Proof. By induction on re. This is trivial when re = 0. Suppose re > 0; let 
0' = 0n-i- We have 0 <q C 0<q, so the inductive hypothesis applies to O', 
so there is a deduction of S from 0' U S. Consider the inference between 0 
and O'; if it is anything other than a we proceed as in Lemma 

E3 

Suppose the inference is a C'retg’*®''™, so some (e, re) G 0^. If re 7 ^ ? 
then (e, re) G S 5 so 0' U S = 0 U S. If re = ? then either (e,re) G S 5 , so 
0' U S = 0 U S, or e 0 dom(S). In the latter case, we derive 0' U S by a 
CretFr^’*®™ inference. The ?-branch is 0 U S. 


28 


HENRY TOWSNER 


To obtain the u-branches for u ^ observe that we have a derivation de^u 
of (e, u,/), We attempt to apply Lemma [531 to obtain derivations 

de^u U 5]; by assumption S is correct. Since compatible, 

e 0 dom(S), S < 0 , and ( 0 n-i)<r 2 C 0 , also 0 n-i and S are compatible. 
By assumption, S < fi, C Bs fl Bt, and Bt > n. We also have 

(0n_i)^™ C Qn-if and B^™ C B/ by assumption. 

Therefore a inference applied to the derivations d^^u U B and 

0 U B gives the desired derivation. □ 

Lemma 8.7. Suppose d is an Q + 1-derivation of 0 such that there is an 
n + 1-path 0 = 00 ,..., 0 n = 0 for 0 . 

Suppose that for each i < n such that 0i+i = (e,?,/),0j where rk{e) = 
n and e is a term, there is a family {de^v} such that each de^v is an VL*- 
derivation of (e, v, /), 

Then there is an Id*-derivation o/0*®’’™^*. 

Proof. By induction on d. We consider the final inference of d. If 0 is an 
axiom other than AxH, jg instance of the same axiom. 

Suppose the last inference is anything other than a or an AxH^^v, 

so we infer 0 from {0i}jgx with an inference I where, since I appears in an 
fl + 1-derivation, I is an Hg or Fr^ with rk{e) > II, a Cute with rk{e) < H, 
or a Cutginference. So the inductive hypothesis applies to each di to 
obtain n*-deductions of 01®''™“^*^ and applying the same inference I gives 
the desired deduction of 0 *®™-^'*. 

Suppose the last inference is a Then there are 11-|-1-derivations 

du of {e,u,f),Q for each u € N. We may apply the inductive hypothesis 
to each side branch to obtain II*-deductions of (e, u,/), 0*®™^h We 
then apply the inductive hypothesis to the deduction d? of (e, ?, /), 0 taking 
de,u = We combine these inferences with a CutFr^'^^'^'^. 

Suppose the last inference is an AxHg^v axiom and whenever e' is active 
in 0^''™“^*(e') = t. Since 0 is an instance of AxHe^v, there must 

be some active e' which is a term of rank U. Since no formula is temporary 
in g must be a term c„ with (n € I, T) 0 05 . We may deduce 

0 term^t from a sequent B = (e,v,t),Q* by an He^v inference. 

First, we collect some facts about B: B < H since it is the premise of an 
iL-rule of rank 11. Since this was an 77-rule for a term, also C Bs; 

if (e, ?) G then (e, ?) G 0 *®™-^*^ so (e,?) G Bt. Since there is an 

n + l-path for 0, Bt > H and B^^^” C B/. 

We have an II*-derivation de,v of {e,v, f),&i for some i. We construct a 
derivation of B from 0l®™“^^uB using Lemma [531 There is an H-l- 1 -path for 
0i. Note that \ 0 term^i^ ^ gQ 0 term^i^ ^ 

have (0i)Z^"''” C 01^'^'^“ C If (e',?) G (0^)1^“ then (e',?) G 0 

and e' ^ e, so if e' G dom(B) then (e',?) G B. Various properties of B are 
checked above. {&i)p is an initial segment of 0p = Bp, and for each m ^ I 
in 0p we have 0y(m G /) = Bv'(m G I). By Lemma (831 B and 0 l®™^* 
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are compatible. So Lemma 18.61 applies, so compatible 

and there is a deduction of S from u S consisting only of H and Fr 

inferences of rank > Q and inferences. 

It remains to find an n*-deduction of 01®™^* u S. We have shown that 
(e, n,/), and 0* are compatible, 0* < fl, C 0*s n 0*t, 

0 *t > n, and all formulas are fixed in both 0* and 0j, so we may apply 
Lemma to obtain an II*-deduction of (e, v, /), 01®™^* u 0*. By Lemma 
I7.1UI we obtain a deduction d* of 0j U S from sequents where e is active. But 
if e is active at some T in d*, the dd-expression must be a formula, and all 
formulas are fixed in T, so T is an AxH axiom. So d* is an n*-derivation. 

Combining d*, the deduction of S from u B, and an rule 

gives an n*-derivation of 0**^1'™^*, □ 

8.3. Well-Foundedness. Before proving the main theorem, we need to 
establish the induction on derivations which we will need. We will consider 
triples (d, R, {dp^u}peR,ueN) where R is (for the moment) an arbitrary index 
set. For notational convenience, we assume T is a fixed element not in R, 
and we will take dy^^ = d for all u. 

Definition 8 .8. We say (d', d?', {d), {d,R,{dp^u}um,p(iR) if 

there is a function f : R' U {T } —)■ d? U {T } such that: 

• each dpi^u is a subderivation of dff^p/-^ ^, 

• if f~^{f{p')) is not a singleton or f{p') = T then each dpi^u is a 
proper subderivation of dj(p/yu. 

Lemma 8.9. is transitive. 

Proof. If (d ,R :{dp yf\u£fi,p£R") F (d , d? , {dp ^ {d, R, {dp^u}u&N,p£R)') 

there are functions f : d?"u{T} —>■ d?'u{T} and / ; d2'u{T} —)• diU{T} wit¬ 
nessing this. We claim that f o f witnesses that (d", R", {d" ,^}ugi!j_pgi{//) -<* 

(d, R, {dp^u}u£N,peR)' for any p", we have dp//_„ is a subderivation of df^pn^ .^, 
which in turn is a subderivation of as needed. To check the 

second clause, certainly if f{f'{p")) = T then d'^if^p,,^ u i® ^ proper subderiva¬ 
tion of dT,n, soit suffices to show that if f{f'{Po)) = f{f'{Pi)) then dp» 
is a proper subderivation of dff^fi^^pi^-^'j^u. If /'{pq) = f'ipi) then dp/^^ is a 
proper subderivation of dfi(^pii-^ u, and so a proper subderivation of 
Otherwise /'(p'o') / f'{p'() but f{f{Po)) = /(/'(K))> so dj-/(p»)_„ is a proper 
sub derivation of t^/(/'(p")),n- C 

Lemma 8.10. is well-founded. 

Proof. Suppose (d°, d?°, {d° „}„gN,pgijo) (d^, , {dl,u}um,p€R^) F* •••. 

For j <iwe have fij : d?*U{T } ^ djf U{T } witnessing {d^,R^, {d{,,u}ueN,peRi) 

{d\ R\ {dl^u}ueN,p&R-) with fij o ^ = fi^k- 

We say p' S dd* U {T} is a ehild of p € R^ U {T} if fi,j{p') = P- We 
say that p G R^ shrinks at i if for every child p' of p in dd*, each d^, „ is a 




30 


HENRY TOWSNER 


proper subderivation of Clearly if p shrinks at i?*, p also shrinks at 

all i' > i. 

Choose po £such that/j_o(T) = po for infinitely many z. Choose 
an zo so that /io,o(T) = po- We claim that po shrinks at zq + 1: if po does 
not already shrink at zq then T is the only child of po in zq, so po must 
shrink in all z^ > zq- We may repeat this process: choose a pi in U {T} 
with fig+ifl{pi) = Po and such that /i^ip+i(T) = pi for infinitely many i. 
Then, taking zi to be least so that = pi, pi must shrink at zi +1. 

Iterating this process, we obtain an infinite sequence of properly decreasing 
derivations , ■ ■ ■, contradicting the well-foundedness of 

8.4. Eliminating Formulas. 

Lemma 8.11. Suppose d is an ^.-derivation ofQ. Let T, be a correct sequent 
such that: 

• s < n, 

• 0 and S are compatible, 

• (S/)>n C 0, 

• = 0 , 

• Sp is an initial segment ofQp. 

• for each m £ I in Up, 0v(m G /) = Sv(m G I). 

Then there is an Ll-derivation dUT, o/ 0 U S. 

Proof. By induction on d. Consider the final inference of d. A. Cut (neces¬ 
sarily of rank < 11), or an Tr or of rank > H is handled as in Lemma 

O 

At an Fre of rank Ll, if e is a formula, we cannot have (e, ?) G S since 
= 0, and we cannot have (e,T) G S since Sp C 0p; by the inductive 
hypothesis we have an 11-derivation of (e, ?, 1), 0 U S, and an application of 
the same inference gives a deduction of 0 U S. 

If e is a term, if e ^ dom(S) then again by the inductive hypothesis 
we have an H-derivation of (e, ?,l),0 U S and an application of the same 
inference gives an H-derivation of 0 U S. If e G dom(S) then, since = 
0, (e, ?) G S, so we may apply the inductive hypothesis to obtain an 11- 
derivation of (e, ?, 1), 0 U S = 0 U S. 

At an He of rank H, note that the Ll-rule also applies to 0 U S (since 
(S/)>fz C 0). We may derive 0US from some sequent T using an He infer¬ 
ence; letting S' = S n T, the inductive hypothesis gives us an H-derivation 
of T. □ 


Definition 8.12. If 0 is a sequent, we write 0^^°“'™“^* for the sequent where: 
• = 05 , ^ 0f°>-m^*(m G /) = 0y, and 

t if rk{e) = H, e is a formula, and 05 (e) =? 

0 p(e) otherwise 


0form^t(g) ^ 


Lemma 8.13. Suppose (0o,..., 0n) is an Q.*-path with 0 = 0„ and S is 
a correct sequence such that: 
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• whenever {e,u) G 0 =^*^™ then 0 ir(e) = t, 

• whenever (e, ?) G then T,p{e) = t, 

• s < ri, 

• 0<sr^* \ c s, 

• if~{cn, u) G 0Iq™ i/ien (n G /, T), (c^, ?) ^ S, 

• Qp is an initial segment of Yip, 

• for each m ^ I in Qp, Qv{m G /) = Yv{m G I). 

Then and Y are compatible and there is a deduction of Y from 

0 form^t U Y consisting only of Fr and H inferences of rank > Q. 

Proof. By induction on n. This is trivial when n = 0. Suppose n > 0; let 
0' = 0n-i- The inference rule between 0„ and 0^-1 is one which can occur 
in an n*-deduction, so 0 <q \ Q't C 0<q \ Qt and if {cn,u) G 0' with u ^ 7 
then {cn,u) G 0, so the inductive hypothesis applies to 0'. 

Then there is a deduction of Y from Consider the inference 

between 0 and 0 h 

• Cute, Fve'. as in Lemma Ea 

• if (e,T) G Qs then (e,T) G Ys, so U S = 

0 form-i^i 0 Yi and we are done. If (e, ?) G 05 then either (e, ?) G Y, 
in which case again (0')^°’"™“^* U S = or e 0 dom(S), so 

( 0 /)form^t U Y may be derived from 0 ^™™-^* U S by an Fr inference. 

• He^v- if this is an Lf-rule of rank 17 with F-expression Cn then we 

have {cn,u) G 0”^^®“^™, so (n G I, T),(cn,?) ^ S; therefore as in 
Lemma 17.91 there is a derivation of u s from a sequent T 

by an inference. We have T C 0 foi'™->'* u Y but there may be 
{cm, ?) G S 5 \ T. By applying an Fvc^ for each such Cm, we obtain 
a derivation of T from 0 ^“™^* u 2 . 

• CutFr^’^^'^'^: we cannot be a side branch, so we apply an Fve infer¬ 
ence if (e, ?) 0 S and do nothing if (e, ?) G S. 

□ 

Definition 8.14. We say T is permitted for 0 if: 

• (r/):^” = 

• there is an n*-path for T, 

• Tp C Qp, 

• r<f 7 \ Tt C 0 , and 

• TZJ^"™ C 0. 

Theorem 8.15. Suppose d is an it*-derivation of 0 and that there is an 
Tl*-path for 0. Suppose (0/)Iq*^™ = 0. 

Let A. he a sequent with A < Q, At > Ll, A is compatible with 
Qp E Ap, ifn G I is OTdom(0p) then Qv{n G /) = Av{n G I), = 

= 0, and if (cn, ?) G A then (n G I, T, /) G A. 

Suppose there is a set R of pairs (c„,r) and, for each p = (c,i,r) G R, a 
collection of Ll*-derivations {dp^u}u£N such that: 
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• each dp^u is an 0,*-derivation of {e,u, f),T, 

• if{cn,^) € and {n G I, T) 0 then there is a pair 

(c„,r) G R with r permitted for 0, 

• if (e, A) G i? and (c^, ?) G A then there is a pair (c^, T) in R with T 
permitted for A. 

Finally, suppose that for each formula e with (e,?) G 0, there is a sequent 
Fe and a collection {d^^py} such that: 

• each de,p, Y is an ^.-derivation of (e, T, /, P, 

• there is an Ft* -path for Fg, 

• (re)<o \ Fet C 0, 

• (re/li^” = 0. 

• (re)ir“ ^ 0. 

• (Fe)p is an initial segment ofQp, 

• whenever {cn,u) G Fg with n 7 ^ ?, {n & I, T), (c^, ?) ^ 0. 

Then there is an Fl-derivation of U A. 

Proof. We proceed by induction on the ordering on {d, R, {dp,u}pGR,neN)- 
We refer to R, as the side premises] when we refer to applying 

the inductive hypothesis to a subderivation d' of d, we mean using the in¬ 
ductive hypothesis for (d', {(ip^u}pep^„gi^). The derivations d^yy will be 

called the extra data to distinguish them. 

We will split into cases based on the final inference of d as usual. With 
each step, we have to check that we have suitable side premises; this means 
both keeping track of which side premises are needed (that is, how big R 
needs to be) and checking that the needed side premises remain valid. 

Consider the final inference of d. If this a Cute inference with e G dom(A), 
we have rk{e) < Q, so {e,u,f) G A for some u, and the claim follows by 
applying the inductive hypothesis to d^. If e 0 dom(A), we may apply the 
inductive hypothesis to each du and then apply a Cute rule. Note that none 
of these cases interfere with the side-premises. 

If the last inference is an Fre inference, so rk{e) > H, the inductive 
hypothesis gives a derivation of (e, ?, t), 0 ^™™“^* u A, and an Fre inference 
gives a derivation of 0 ^°''™“^* u A. Again, this case does not interfere with 
the side-premises. 

Suppose the last inference is a CutTr)?’*®™ inference, so we have an II*- 
derivation of (e,?,t ),0 and for each u 7 ^ ? we have an n*-derivation of 
(e,ri,/),0. If either e 0 dom(A) or (e,?,t) G A, we apply the inductive 
hypothesis to {d?,R U {(e, 0)}, U {du}), since 0 is clearly per¬ 

mitted for (e, ?, t), 0. This gives us a deduction of (e, ?, t), 0 ^™™“^* u A, and 
we apply either apply an Fre inference (if e 0 dom(A)) or simply take this 
deduction (if (e, ?, t) G A) to obtain a deduction of 0 ^°’'™“^* u A. 

If (e, u,t) G A then we apply Lemma 17.101 to du to obtain a deduction 
of d'u from sequences where u is active; since all such sequents must have 
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i^-expression a formula, and all formulas are fixed in is a derivation 

of (e,u, f),0. Then we apply the inductive hypothesis to d^. 

Suppose the last inference is a so we have side branches dpy 

which are n*-derivations of (e, T, /, P, V), 0. We apply the inductive hypoth¬ 
esis with A = 0 to each side branch to obtain fl-derivations of {e,T, f, P,V), 
We use these as the additional extra data and apply the inductive hypothesis 
to the derivation of (e, ?, /), 0 , so we obtain a derivation of (e, ?, t), 

A. We then apply an Tr inference to obtain a derivation of u A. 

Suppose the last inference is an He inference. If rk{e) > fl, this follows 
from the inductive hypothesis. If rk{e) = Q, we have an II*-derivation 
d' of the premise 0* and e must be a term. We attempt to apply the 
inductive hypothesis with an appropriate subset of A to obtain a derivation 
of u A)*. If (cn,?) € u A)*, it must be because (n G 

/, T) € 0 U A, so we have the needed side-premises. 

Suppose 0 is an instance of an axiom but 0^°^™“*'*UA is not. Then 0 must 
be an instance of AxHg^v with rk{e) = and e a formula. We may derive 
0 form->-t j ^ from a sequent S = (e, T, t, P, V), 0* by an ddg^T-inference rule. 
Since (e, ?) G 0, there is an il-derivation de,p,\/ of (e, T,/, P, y), Tg^^^^h 
We attempt to apply Lemma [8.131 if {e',u) G then (re)p(e') = t 

by assumption, and if (e, ?) G then Sp(e) = t by assumption. S < H 

since it is the result of an dd-step of rank 17. By assumption, (re)<f 2 \ret C 0, 
and since \ C S, we have \ C S, and 

Tp is an initial segment of Sp. If {cn,u) G Tg with u ^ 7 then (c„,u) G 0, 
so (n G /, T), (cn, ?) ^ S. So there is a deduction of S from U S. 

It remains to produce an fl-derivation of (Tg U = pform->-t j = 

(e, T, t, P, y), U 0*. We have 0* < 17, and 0* and (e, T, /, P, F), Tg 

are compatible. Since 0* is the result of an dd-step with a formula dd- 
expression, (0*)"^ = 0, (0V)>n C (0*)+^°™ C ((e, T,/, P, y), Tg);^””, 
and 0p C ((e, T, 7, P, Id), rg)p. Therefore by Lemma 18.111 there is an 17- 
derivation of (e, T, /, P, I/), Tg U 0*. By Lemma 17.101 we have a deduction 
of (e, T, t, P, Id), rg°'’™“^* U 0* from sequents where e is active. 

We now show that we can produce an 17-derivation of each of these se¬ 
quents. Consider some sequent T in this deduction so that the P-step 
applies to T and e is active. Then the P-expression of T must be a term of 
the form c„ where n G d appears in ((e, T, t, P, Id), rg)p—in particular, if e 
is not n (z I then n (z I appears before e. But since there is an I7*-path for 
Lg, any n G I appearing in P strictly before e is hxed, so if n G d appears 
before e, T is an instance of AxH. 

So e is n G d and the P-expression of T is c^. We may deduce T by an 
P-inference from T' = (c„, u, 7), T*. Since the P-step applies to 0, we have 
{cn-,7) G 0, and therefore we have (c„,rc„) G R and a family of deductions 
dcn,u of {cn,u, f),Te^ SO that Tg^ is permitted for 0 . 

We apply Lemma 18. Idl lwith Tg^ as 0 and T' as S). If (e', u) G (Lg^)”^*^™ 
then since (Tg^/)!^*"''™ = 0, (rg„)i 7 ’(e') = 7. If (e',?) G (T')=^®''“ then 
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~ ^ because of the path for T. T' < f2 since it is the result of 
an H-step of rank If {e',u) € \ then {e',u) is 

fixed in 0, and since the inferences between T' and 0 all come from an 
ri-derivation, also (e',u) G T'. If {cm,u) G then {cm,u) G 0, so 

icm,u) G Ty(n G I), so {m G /, T),(cm,?) ^ T'. If (m G /, T) G then 
since (rc„)p E 0p = Tp, (m G /, T) G T'. Therefore and T' are 

compatible and there is a deduction of T' from u Xh 

We apply Lemma lT.lUl to dc„,n to obtain an n*-deduction of (cn,u, 
from sequents where c„ is active; since all such sequents must have H- 
expression a formula, and all formulas are fixed in Tc^, „ is also an II*- 

derivation. Finally, we apply the inductive hypothesis to „ with A = T* 
and the needed side-premises. Clearly ((cn, u, t), = (T*)~^®™ = 

0, T* < n, T*t > H, and we have shown that T* is compatible with 
Because T* is the result of an H-step with //-expression c^, if {cm, ?) G T* 
then (m G /, T, /) G T*. □ 

8.5. Putting it Together. 

Theorem 8.16. Suppose IDi h 3x(j){x) where (j) is quantifier-free and does 
not contain the symbol I. Then there is an n such that 4>{n) holds. 

Since this is a consistency result, one usually considers explicitly what sys¬ 
tem the proof takes place in. The usual approach would be to describe a sys¬ 
tem of ordinal notations and add, to each of the steps in the cut-elimination 
proof, a calculation showing that that the steps increase the ordinal bounds 
on the proofs in a controlled way. Since the ordinal notation systems for IDi 
are both well-known and complicated [8lll2t[^. and since assigning ordinal 
heights to the combinatorial steps described above is routine, we omit the 
calculation of ordinals from this already along paper. The reader who is 
troubled by a theorem claiming a consistency proof may prefer to assume 
that all proofs in this paper are formalized in RCAo-l-ITO(a), and therefore 
that the main theorem says 

The theory RCAq -|- WO{a) proves that whenever IDi h 
3x4>(x) where is quantifier-free and does not contain the 
symbol I, there is an n such that 4>{n) holds. 

Here RCAq is a second order theory conservative over primitive recursive 
arithmetic [27] (the second order part is being used to formalize the infini- 
tary proof system; this could also be done in primitive recursive arithmetic 
with extra coding) and a is a system of ordinal notations for a sufficiently 
large computable ordinal. (This ordinal a should be the Howard-Bachmann 
ordinal; without doing the necessary calculations, we cannot claim to have 
given a new proof that this specific ordinal suffices, however.) 

Proof. Since IDi h 3x4>{x), also ID\ h 3x(p{x) (interpreting this as the 
formula 4 >{c 3 x(j)(x,y){d),d) where d is all closed terms in f. 
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Then by Theorem l6.8[ there is a derivation of 0 consisting of Cttf-inferences 
of rank < + r for some finite r. In particular, this is an + r-derivation 

of 0. By r — 1 applications of Theorem 17.121 followed by Lemma 17.21 there 
is an n + 1-derivation of 0. 

By Lemma 18.71 there is an fl*-derivation of 0 with no unjustified terms. 
We apply Theorem 18.151 with A = 0 and i? = 0 to obtain an ll-derivation of 

0 . 

Therefore by Theorem 17.131 there is a 0-derivation of 0. But in a 0- 
derivation, the only possible inferences are Fr and H inferences. Therefore 
this derivation is a line, and the sequents are 0 = ©o, ©i,..., 0fc for some 
k, and 0^ must be an axiom. Each ©j must be correct since Fr and H 
inferences preserve correctness, so ©^ is not an instance of AxF. ©^ cannot 
be an instance of AxH since {Qk)F must be constantly equal to t. So 0^ is 
an instance of AxS, and so is a solving e-substitution. 

In particular, ©^ 1= 3x4>{x), and therefore 4>{®k{c3x(f>(x,y){d)),d) must be 
true. □ 
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